nixpkgs

Author SHA1 Message Date

Author	SHA1	Message	Date
aszlig	ef753d210e	chromium: Update all channels to latest versions Overview of the updated versions: stable: 49.0.2623.87 -> 49.0.2623.110 beta: 50.0.2661.26 -> 50.0.2661.49 dev: 50.0.2661.18 -> 51.0.2693.2 Most notably, this includes a series of urgent security fixes: * CVE-2016-1646: Out-of-bounds read in V8. Credit to Wen Xu from Tencent KeenLab. * CVE-2016-1647: Use-after-free in Navigation. Credit to anonymous. * CVE-2016-1648: Use-after-free in Extensions. Credit to anonymous. * CVE-2016-1649: Buffer overflow in libANGLE. Credit to lokihardt working with HP's Zero Day Initiative / Pwn2Own. * CVE-2016-1650: Denial of service in PageCaptureSaveAsMHTMLFunction The official release announcement with details about these fixes can be found here: http://googlechromereleases.blogspot.de/2016/03/stable-channel-update_24.html Beta and stable could be also affected, although I didn't do a detailed check whether that's the case. As this introduces Chromium 51 as the dev version, I had to make the following changes to make it build: * libexif got removed, so let's do that on our end as well. See https://codereview.chromium.org/1803883002 for details. * Chromium doesn't seem to compile with our version of libpng, so let's resort to the bundled libpng for now. * site_engagement_ui.cc uses isnan outside of std namespace, so we're fixing that in postPatch using sed. I have successfully built all versions on i686-linux and x86_64-linux and tested it using the VM tests. Test reports can be found at the following evaluation of my Hydra: https://headcounter.org/hydra/eval/314584 Thanks to @grahamc for reporting this. Signed-off-by: aszlig <aszlig@redmoonstudios.org> Reported-by: Graham Christensen <graham@grahamc.com> Fixes: #14299	2016-03-30 15:24:39 +02:00
aszlig	5ebd629c6f	chromium: Fix comment of upstream-info.nix As of `6041cfe`, the upstream-info.nix (back then it was called sources.nix) is no longer in the source/ subdirectory, so we need to fix that comment to say that the file is autogenerated from update.sh in the same directory. Signed-off-by: aszlig <aszlig@redmoonstudios.org>	2016-03-20 23:10:13 +01:00
aszlig	2d9a604907	chromium: Rename sources.nix to upstream-info.nix The "sources.nix" also contains information about where to get binary packages, so calling it "upstream-info.nix" fits better in terms of naming. Also, we're moving it away from the sources dir, because the latter will soon vanish. Signed-off-by: aszlig <aszlig@redmoonstudios.org>	2016-03-20 16:48:54 +01:00

aszlig

ef753d210e

chromium: Update all channels to latest versions

Overview of the updated versions:

stable: 49.0.2623.87 -> 49.0.2623.110
beta:   50.0.2661.26 -> 50.0.2661.49
dev:    50.0.2661.18 -> 51.0.2693.2

Most notably, this includes a series of urgent security fixes:

 * CVE-2016-1646: Out-of-bounds read in V8. Credit to Wen Xu from
                  Tencent KeenLab.
 * CVE-2016-1647: Use-after-free in Navigation. Credit to anonymous.
 * CVE-2016-1648: Use-after-free in Extensions. Credit to anonymous.
 * CVE-2016-1649: Buffer overflow in libANGLE. Credit to lokihardt
                  working with HP's Zero Day Initiative / Pwn2Own.
 * CVE-2016-1650: Denial of service in PageCaptureSaveAsMHTMLFunction

The official release announcement with details about these fixes can be
found here:

http://googlechromereleases.blogspot.de/2016/03/stable-channel-update_24.html

Beta and stable could be also affected, although I didn't do a detailed
check whether that's the case.

As this introduces Chromium 51 as the dev version, I had to make the
following changes to make it build:

 * libexif got removed, so let's do that on our end as well.
   See https://codereview.chromium.org/1803883002 for details.
 * Chromium doesn't seem to compile with our version of libpng, so let's
   resort to the bundled libpng for now.
 * site_engagement_ui.cc uses isnan outside of std namespace, so
   we're fixing that in postPatch using sed.

I have successfully built all versions on i686-linux and x86_64-linux
and tested it using the VM tests.

Test reports can be found at the following evaluation of my Hydra:

https://headcounter.org/hydra/eval/314584

Thanks to @grahamc for reporting this.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Reported-by: Graham Christensen <graham@grahamc.com>
Fixes: #14299

2016-03-30 15:24:39 +02:00

aszlig

5ebd629c6f

chromium: Fix comment of upstream-info.nix

As of 6041cfe, the upstream-info.nix (back then it was called
sources.nix) is no longer in the source/ subdirectory, so we need to fix
that comment to say that the file is autogenerated from update.sh in the
*same* directory.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>

2016-03-20 23:10:13 +01:00

aszlig

2d9a604907

chromium: Rename sources.nix to upstream-info.nix

The "sources.nix" also contains information about where to get binary
packages, so calling it "upstream-info.nix" fits better in terms of
naming.

Also, we're moving it away from the sources dir, because the latter will
soon vanish.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>

2016-03-20 16:48:54 +01:00

3 Commits